Information Security Engineer

About The Position

Requirements

• 3-5 years of related information technology infrastructure experience  with identity and access management [IAM], SSO solutions including (SAML 2, OAuth 2, OIDC).
• Some experience in securing enterprise networks, including firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), and secure network protocols (e.g., IPsec, SSL/TLS) heavy emphasis in SaaS apps such as Crowdstrike Falcon Complete, Netskope DLP, Nessus Tenable and asset management platforms such as Axionus.
• Overall Knowledge of endpoint protection technologies (e.g., anti-malware, EDR, DLP), and experience in managing and securing workstations, mobile devices, and servers.
• Have participated in penetration testing, vulnerability assessments, and red teaming exercises.
• General understating of industry standards, compliance, and legal requirements (ISO 27001, FedRAMP, NIST 800-171, NIST 800-53, SOC2, etc.) 
• Excellent trouble-shooting abilities in software and hardware and be able to lead outage calls and trouble-shooting conversations until resolved and provide detailed root cause analysis reports. 
• Above average understanding in vulnerability reporting using Saas platforms such as Nessus Tenable.
• Applicants must be authorized to work for any employer in the U.S.
• There is no immigration sponsorship available for this role (ex: H1-B, OPT, CPT, TN or any other employment sponsorship). 

Nice To Haves

• CISSP, CASP+, SSCP+, or other relevant security certificates 
• Certified Ethical Hacking (CEH)
• CISSP, CISA
• Network+, Security+, Linux+ or combination of similar certificates acceptable.

Responsibilities

• Identify and analyze potential threat activity targeting client networks via monitoring systems, alerts, vulnerabilities, SIEM tools and network traffic and respond for immediate remediation.
• Work with cross functional teams to support security requirements to protect organization’s corporate, manufacturing, cloud and IoT environments from cyber-attacks.
• Oversee and maintain existing security tools as well as overall enterprise security systems that include network and/or host-based intrusion detection systems, anti-virus/advanced EDR, SIEM/event correlation, file integrity monitoring, full packet captures, computer forensics, encryption, vulnerability management, data loss prevention and application scanning. 
• Responsible for the coordination and actions needed for remediation generated by incident reports and manufacture recommended patching and hotfixes.
• Identify and analyze potential threat activity targeting client networks via monitoring systems, alerts, vulnerabilities, SIEM tools and network traffic and respond for immediate remediation.
• Work with cross functional teams to support security requirements to protect organization’s corporate, manufacturing, cloud and IoT environments from cyber-attacks  
• Oversee and maintain existing security tools as well as overall enterprise security systems that include network and/or host-based intrusion detection systems, anti-virus/advanced EDR, SIEM/event correlation, file integrity monitoring, full packet captures, computer forensics, encryption, vulnerability management, data loss prevention and application scanning. 
• Responsible for the coordination and actions needed for remediation generated by incident reports and manufacture recommended patching and hotfixes.
• Assist Crowdstrike Falcon Complete team in remediation of critical information security incidents in coordination with 3rd party SOC team. 
• Implement and maintain security controls and have a suitable knowledge of existing cyber threats to infrastructure and clouded environments. 
• Participate in scheduled security assessment activities and projects to ensure industry compliance. 
• Initiate and maintain Security Incident Response Plan (SIRT) and After-Action Reports (AARs) to maintain operational continuity 
• Identify, analyze and interpret threat actors and malicious activity in client environments act upon and take the appropriate actions towards remediation and documentation. 
• Differentiate between potential intrusion attempts and pinpoint false alarms by working with EDR, Identity Protection and NextGen SIEM to develop resolution plans.
• Perform 3rd party vendor assessments and fulfill Proterra security assessments requirements
• Triage and respond to security events - serve as a primary responder for incidents, taking ownership of incidents and tracking through resolution. 
• Performs other related duties as assigned.